b2ydyi18.myraidbox.de Open in urlscan Pro
159.69.20.169  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/	6 KB 2 KB	82ms 10ms	Document text/html	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash 74165460d4e43c32ef6a6c50d5227375cafad5e4106c5d1e7d3e47cb9a53d013 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Tue, 22 Aug 2023 09:16:21 GMT server nginx strict-transport-security max-age=63072000 vary Accept-Encoding x-cache HIT x-cache-device-type responsive x-cache-type NGINX x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/	160 KB 25 KB	54ms 25ms	Stylesheet text/css	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://b2ydyi18.myraidbox.de/ Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15640964 x-jsd-version 5.1.3 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230037-FRA, cache-jnb7025-JNB x-jsd-version-type version server cloudflare etag W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79Yoe1kCmlmGN2cbrV143r2rDCYpHN845qX4eO38vSfbyYG%2BWV1EdGXAjqHpYwMXqx6pLCmYIAsF4a%2FDHe83NhVTasZ8zAhibtZw2VgEYURP%2FPw00PLhgBLs2g4OaOZEIaKHuwN4HTdpkaY6Mjs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 7faa04395a9e5c32-FRA
GET H2	200	e8114af147.js Show response kit.fontawesome.com/	11 KB 5 KB	160ms 134ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/e8114af147.js Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c91a16dd7d0ac63701892b6ee1982efe4e2f9eb3ad2c6f5a3891e0b2d3ae1625 Request headers Referer https://b2ydyi18.myraidbox.de/ Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT content-encoding gzip cf-cache-status MISS server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 7faa04395d7730d8-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F32p2ErllqmwRK3TUFAh
GET H2	200	fl_style_01.css b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/	6 KB 2 KB	11ms 10ms	Stylesheet text/css	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fl_style_01.css Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash 8b75b7954f4505c1936fa6bd0c624a763c444cdaad593c7fced1c06e20ccc947 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma public date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx content-encoding br etag W/"64e47912-177d" x-cache-type STATIC vary Accept-Encoding content-type text/css cache-control max-age=31536000, public x-cache-device-type responsive x-xss-protection 1; mode=block expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	63ms 14ms	Script text/javascript	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 20:17:05 GMT content-encoding gzip x-content-type-options nosniff age 46756 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Aug 2024 20:17:05 GMT
GET H2	200	lg14220.png b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/	4 KB 4 KB	10ms 10ms	Image image/png	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/lg14220.png Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash a9a464ff0605b708216eb01835ee5c5672583462d63e4244dd1abd0a2ff7fc02 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 3896 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-f38" vary Accept-Encoding, Accept content-type image/png cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	serch14311.png b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/	654 B 1005 B	10ms 10ms	Image image/png	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/serch14311.png Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash 32e678052f9488dc4278cd879ee205c81bb21d73b1e7f3bc39656948a59d83bd Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 654 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-28e" vary Accept-Encoding, Accept content-type image/png cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	chkon05348.png b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/	1 KB 2 KB	10ms 10ms	Image image/png	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/chkon05348.png Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash c60def2386496eae3ed49b2592159812fa0882b2544f3e1436579f10975568a6 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 1402 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-57a" vary Accept-Encoding, Accept content-type image/png cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	quik45100.png b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/	813 B 1 KB	12ms 12ms	Image image/png	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/img/quik45100.png Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash 8debf3a9a79de1d3285910e5fcd57fc3806f61084f09b9281cc20405aea3919c Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 813 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-32d" vary Accept-Encoding, Accept content-type image/png cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/	76 KB 24 KB	20ms 20ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://b2ydyi18.myraidbox.de/ Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 13946605 x-jsd-version 5.1.3 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230075-FRA, cache-yyz4558-YYZ x-jsd-version-type version server cloudflare etag W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkH0eQy4OTQJBxPVfQ1tgUDODu6kdDdl0JsUMToH0Dirk%2BsH6IK68yJbURQAI65j7BT557DWD5dR5CjggC32B8O1cj3JYGNMza2q0dM8sW9Rz9FiN1ZbGgqEs%2F0yBW%2FoTzjd1%2FVoNWf81Ky6mew%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 7faa0439baf35c32-FRA
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	60ms 33ms	Fetch text/css	2606:4700:e2::ac40:8309 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e8114af147 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e8114af147.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT via 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD%2BwctTP0mJi8SVS5axVbJU56IuCDD1jxL6I%2BAtYm0napvqSJ8B4yykjHZ8mImYeFNx4KyqVQAhcHq9RzKgjYYty9hqlWXOtgpk7c1vo6TD0Wz%2BfscFED%2Fhf2r1mTzCx5d4Yj9AHZz9%2FYYgWNiPNovHrRw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7faa043a7a772bc2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 8EwUAVuyvJoIWBedf0BbOKUx6NhmQVSbgOMvLANTkfVFWNOLdA8BqQ==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	56ms 29ms	Fetch text/css	2606:4700:e2::ac40:8309 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e8114af147 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e8114af147.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT via 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGyGTo2S696O%2FU0rsGIhIsZUvOyP1EKWN4WX1zm7EVwN34wTpcttzEGJ79Hbjh4dbHCJzxxwYrPWJ7B61qfrSpjl8Fv9aFwyNdGmegtMbVYGLGwoyTrYiIgTgSuJJvFKRcNmsQC2gr%2B1BlFG2LuNicsb3g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7faa043a7a7a2bc2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id sWbgCFefbrbXRwqumLjI7dG0rZXQDJQysTGXCfOUgTq-NxEDj-nAjw==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	67ms 40ms	Fetch text/css	2606:4700:e2::ac40:8309 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e8114af147 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e8114af147.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers accept-language de-DE,de;q=0.9 Referer https://b2ydyi18.myraidbox.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT via 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPGs0jIMaZugpWxr4OszF780zh6VJ9bpy6BrDO1FrCfYmS5zAQviubqJIOxJNQVJ6tF62vlqEOOA2lw8NozwAh7ar30UmuQQeDbXWWyfUXllQkd1CsNDo6A9S5kSAywWPnns4zsZSZetNxQOupLy1spD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7faa043a7a7c2bc2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id inOLCmVRHgCA2kuSM7bzb3-srmecyBFaej6NJLANv7RKxwSQt8Vwhw==
GET H2	200	LufthansaHeadWeb-Bold.woff2 b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fontslatin/	50 KB 51 KB	23ms 23ms	Font font/woff2	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fontslatin/LufthansaHeadWeb-Bold.woff2 Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fl_style_01.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash 0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fl_style_01.css Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 51548 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-c95c" vary Accept-Encoding content-type font/woff2 cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	LufthansaTextWeb-Regular.woff2 b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fontslatin/	50 KB 51 KB	34ms 34ms	Font font/woff2	159.69.20.169 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fontslatin/LufthansaTextWeb-Regular.woff2 Requested by Host: b2ydyi18.myraidbox.de URL: https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fl_style_01.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.20.169 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS b2ydyi18.myraidbox.de Software nginx / Resource Hash d9f86fb0251696b9bd299b5df513adabb01be733a549322fc8e38381c80f7277 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://b2ydyi18.myraidbox.de/M/8N7fanwDXj3pDfH9684/Appsource/css/fl_style_01.css Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff x-cache-type STATIC content-length 51648 x-xss-protection 1; mode=block pragma public last-modified Tue, 22 Aug 2023 09:00:02 GMT server nginx etag "64e47912-c9c0" vary Accept-Encoding content-type font/woff2 cache-control max-age=31536000, public accept-ranges bytes x-cache-device-type responsive expires Wed, 21 Aug 2024 09:16:21 GMT
GET H2	200	free-fa-solid-900.woff2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/	76 KB 77 KB	23ms 23ms	Font font/woff2	2606:4700:e2::ac40:8309 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8309 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7 Request headers Referer https://b2ydyi18.myraidbox.de/ Origin https://b2ydyi18.myraidbox.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 22 Aug 2023 09:16:21 GMT via 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 78168 last-modified Wed, 04 Aug 2021 18:58:24 GMT server cloudflare etag "a9fd1225fb2cd32320e2b931dca01089" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6uW5Fvffvse%2B8mnkbmZ%2B8QBwgc04QSjwv40vEbOEa2RxgIjujufxxW4kgXcr0bsUZ0BJbSz92hiC%2FC0W9rpJpMuuA8AEhv9QzCPLMAW1QwCHjN1zjR%2FT6LvovMnXXMrYLjPW4IAqtNWGYNwW30YQjIEiA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 7faa043adad52bc2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id ThSjEdcmzz8VzdrkibvKQapBan8WrC9nZ0wfy_OUhLD10vSRiD7OkA==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lufthansa (Transportation)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| FontAwesomeKitConfig function| $ function| jQuery function| validateluf function| myFunction number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b2ydyi18.myraidbox.de
cdn.jsdelivr.net
ka-f.fontawesome.com
kit.fontawesome.com
159.69.20.169
2606:4700::6810:5914
2606:4700::6812:1634
2606:4700:e2::ac40:8309
2a00:1450:4001:831::200a
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
32e678052f9488dc4278cd879ee205c81bb21d73b1e7f3bc39656948a59d83bd
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
74165460d4e43c32ef6a6c50d5227375cafad5e4106c5d1e7d3e47cb9a53d013
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8b75b7954f4505c1936fa6bd0c624a763c444cdaad593c7fced1c06e20ccc947
8debf3a9a79de1d3285910e5fcd57fc3806f61084f09b9281cc20405aea3919c
a9a464ff0605b708216eb01835ee5c5672583462d63e4244dd1abd0a2ff7fc02
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c60def2386496eae3ed49b2592159812fa0882b2544f3e1436579f10975568a6
c91a16dd7d0ac63701892b6ee1982efe4e2f9eb3ad2c6f5a3891e0b2d3ae1625
d9f86fb0251696b9bd299b5df513adabb01be733a549322fc8e38381c80f7277
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda